Buffer Over Flow: A Comprehensive Guide with Real-World Examples One of the oldest and most critical flaws in software security is buffer overflows. The second most exploited vulnerability in 2023 was a heap buffer overflow. It has made innumerable attacks possible over the years, frequently with dire repercussions, like Cloudbleed in 2017. Buffer overflows remain …
READ MORESalt Typhoon: A Comprehensive Report on the 2025 Cyberattack on U.S. Telecommunications The year 2025 began with a significant cybersecurity breach that has been dubbed the “Salt Typhoon” attack. This large-scale cyber intrusion targeted major telecommunications companies in the United States, exposing critical vulnerabilities in the nation’s communications infrastructure. This report provides an in-depth analysis …
READ MOREMicrosoft 365 Apps Crashing on Windows Server After Office Update Microsoft 365, formerly known as Office 365, is a cloud-based suite of productivity tools used by millions worldwide. However, a recurring issue has been the unexpected crashing of Microsoft 365 apps on Windows Server systems following certain Office updates. After a recent Office update, some …
READ MOREJanuary Patch Tuesday: Microsoft Resolves 3 Critical Hyper-V Zero-Day Vulnerabilities Microsoft’s January Patch Tuesday rollout has captured significant attention within thecybersecurity community. The tech giant addressed 100 vulnerabilities across itsproduct ecosystem, including three critical zero-day vulnerabilities affecting Hyper-V,its flagship virtualization platform. This update is particularly critical for organizationsrelying heavily on virtualized environments, as these vulnerabilities …
READ MORENSLOOKUP IntroductionHaving access to a website’s Domain Name System (DNS) records is helpful when resolvingDNS issues. Users can use tools found in all popular operating systems to query a web serverand obtain crucial data, like IP addresses and other domain-related details. What is nslookup? A command-line program called nslookup can be used to find the …
READ MORESQLMAP SQLmap is a popular, free tool used for penetration testing to detect and exploit SQL injection vulnerabilities in web applications. Since its launch in 2006, it has become a go-to tool for improving web security. SQLmap is an open-source program designed to automatically identify and exploit SQL injection weaknesses. It’s packed with features that, …
READ MORENew “DoubleClickjacking” Exploit Bypasses Clickjacking Protections on Major Websites A new “widespread timing-based vulnerability class” that uses a double-click sequence to enable clickjacking attacks and account takeovers on practically all popular websites has been revealed by threat hunters. DoubleClickjacking is the codename given by security researcher Paulos Yibelo to the technique.“Instead of relying on a …
READ MORETRY HACK ME : PHISING EMAILS IN ACTION Task 1: Introduction Now that we covered the basics concerning emails in Phishing Emails 1, let’s dive right into actual phishing email samples. Each email sample showcased in this room will demonstrate different tactics used to make the phishing emails look legitimate. The more convincing the phishing email appears, …
READ MORETRY Hackme : Passive reconnaissance Task 1 Introduction Welcome to the first room of the Network Security Module. This module covers: Passive Reconnaissance Active Reconnaissance Nmap Live Host Discovery Nmap Basic Port Scans Nmap Advanced Port Scans Nmap Post Port Scans Protocols and Servers Protocols and Servers 2 Network Security Challenge In this room, after …
READ MOREDigital Personal Data Protection It appears that you want to know how the DPDP (Data Protection and Digital Privacy) rules and regulations of 2023 and 2025 differ from one another. Here’s an explanation if you’re talking about the Digital Personal Data Protection (DPDP) Act, 2023 in India or a comparable data protection framework: Digital Personal …
READ MORE
Cyber Defentech offers comprehensive cybersecurity training and certifications, empowering professionals to safeguard digital environments against evolving cyber threats.
